The CyberWire Daily Podcast 3.12.24
Ep 2022 | 3.12.24

Biden's budget boost for cybersecurity.

Transcript

Biden’s budget earmarks thirteen billion bucks for cyber security. DOJ targets AI abuse. A US trade mission to the Philippines includes cyber training. CISA and OMB release a secure software attestation form. CyberArk explores AI worms. Russia arrests a South Korean on cyber espionage charges. French government agencies are hit with DDoS attacks. Jessica Brandt is named director of the Foreign Malign Influence Center. Afternoon Cyber Tea host Ann Johnson speaks with her guest Keren Elazari about the hacker mindset. Google builds itself the Bermuda Triangle of Broadband.

Today is March 12th, 2024. I’m Dave Bittner. And this is your CyberWire Intel Briefing.

Biden’s budget earmarks thirteen billion bucks for cyber security. 

The Biden administration's latest budget proposal, with a discretionary spending total of $1.67 trillion, earmarks $13 billion for U.S. federal civilian cybersecurity in the upcoming fiscal year, a modest increase of about $1 billion from the current year's budget. Military cybersecurity is set to receive $7.4 billion, contributing to the Department of Defense's overall $14.5 billion for cyber-related activities, marking a rise from this year's $13.5 billion request. The budget also allocates $800 million to assist low-resourced hospitals in enhancing their cybersecurity and $500 million for a program promoting advanced cybersecurity investments. The Department of Treasury will get a $150 million boost to secure its systems against sophisticated threats, reflecting the critical role of its IT systems in managing trillions of dollars.

However, the Cybersecurity and Infrastructure Security Agency (CISA) might see a slight decrease in its cybersecurity budget to $1.24 billion from the current estimate of $1.3 billion, despite a total proposed budget of $2.5 billion for the agency. This proposal comes amidst ongoing appropriations challenges and partisan debates over CISA's role and budget, potentially affecting its ability to initiate new programs, particularly those aimed at implementing zero trust architecture in response to a 2021 executive order. The budget highlights incremental increases in cybersecurity funding amid broader concerns over federal spending and cybersecurity efficacy.

DOJ targets AI abuse. 

The Justice Department is increasing its focus on artificial intelligence misuse, particularly in white-collar crimes such as price fixing, fraud, and market manipulation, with Deputy Attorney General Lisa Monaco emphasizing harsher sentences for deliberate misuse. Companies will be evaluated on their AI risk management within their compliance programs, reflecting the department's concern over AI's potential exploitation by both corporate criminals and foreign adversaries. This stance was highlighted following charges against a former Google engineer for stealing AI trade secrets, underscoring the dual nature of AI as both a promising and perilous technology. Monaco's comments aim to alert businesses to their legal responsibilities in mitigating AI risks, with federal prosecutors poised to seek stiffer sentences for AI-related misconduct.

A US trade mission to the Philippines includes cyber training. 

Microsoft plans to train 100,000 Philippine women in AI and cybersecurity through an online platform, teaching them to utilize Microsoft's AI tools for workplace skills and threat recognition. Additionally, Microsoft will introduce an AI-powered reading tool for 27 million Philippine students, aiming to improve literacy rates highlighted by a World Bank study showing significant reading struggles among students. The initiative, announced during a US trade mission led by Commerce Secretary Gina Raimondo, includes partnerships with the Philippine government and educational institutions to enhance economic advancement and cybersecurity while addressing disinformation issues in the Philippines.

CISA and OMB release a secure software attestation form. 

The Cybersecurity and Infrastructure Security Agency (CISA) and the Office of Management and Budget (OMB) have introduced a secure software development attestation form to ensure software producers comply with secure development practices before their products are used by federal agencies. This initiative, stemming from Executive Order 14028, aims to fortify the software supply chain's security as outlined by the NIST Secure Software Development Framework. Software producers must now self-attest that their software, developed in line with specified practices, is secure. The attestation, requiring a signature from a company's CEO or an authorized designee, plays a pivotal role in leveraging secure development techniques. Additionally, third-party assessments by FedRAMP certified organizations can substitute for self-attestation. This move, part of the Biden-Harris Administration's broader cybersecurity strategy, seeks to enhance the digital ecosystem's stewardship and promote software that is inherently secure, impacting not just federal government security but also global software practices.

CyberArk explores AI worms. 

Research from CyberArk notes how the rapid advancement of generative AI systems like OpenAI's ChatGPT and Google's Gemini has introduced new cybersecurity risks, notably the emergence of AI worms such as WormGPT. These worms can autonomously replicate, steal data, and deploy malware, representing a significant threat to cybersecurity. Recent research has demonstrated their capabilities through experiments like Morris II, an AI worm designed to exploit vulnerabilities in interconnected AI systems for prompt injection attacks. To counter these threats, it is crucial for individuals and organizations to remain vigilant and implement proactive cybersecurity measures. CyberArk’s study underscores the need for continuous innovation in cybersecurity defenses and the importance of secure AI system design, human oversight, and active monitoring to mitigate risks. This emerging threat landscape necessitates a collaborative effort to ensure the security of our digital ecosystem in the face of sophisticated AI-driven attacks.

Russia arrests a South Korean on cyber espionage charges. 

Russia has arrested a South Korean citizen, Baek Won-soon, on cyber espionage charges, marking the first such detention of a South Korean national by Russia. Initially detained in Vladivostok, Won-soon has been transferred to Moscow for further investigation and is currently held at the Lefortovo pretrial detention center. He is accused of transmitting classified "top secret" information to foreign intelligence agencies. This incident occurs amidst growing geopolitical tensions. This case also follows the U.S. arrest of a former Google engineer for allegedly stealing proprietary information and working covertly for China-based companies.

French government agencies are hit with DDoS attacks. 

Multiple French government agencies were hit by "intense" cyberattacks since Sunday night, according to the Prime Minister's office. Though the specifics of the attacks were not disclosed, they are believed to involve distributed denial-of-service (DDoS) attacks, using familiar but notably intense technical methods. Despite the unprecedented scale of these offensives, the French government has managed to mitigate their impact, with most services restored and state websites accessible again. A crisis cell has been activated to implement countermeasures, including filtering measures by the information security agency ANSSI. While the attacks have not been officially attributed to any group, Pro-Russia Group NoName claimed responsibility for targeting French authorities and the state-owned electricity company EDF, amid ongoing tensions over France's support to Ukraine.

Jessica Brandt is named director of the Foreign Malign Influence Center.

Ahead of the 2024 presidential election, the U.S. intelligence community has enhanced its election security team, appointing Jessica Brandt as the first official director of the Foreign Malign Influence Center. Established in 2021, this center within the Office of the Director of National Intelligence focuses on combating foreign interference in U.S. elections. With Brandt's extensive experience in foreign influence, information operations, and digital authoritarianism, her appointment aims to bolster federal efforts against election interference, which has been a significant concern following attempts during the last two presidential campaigns. Officials have highlighted the persistent threat of foreign influence campaigns, notably from China and Russia, and the evolving challenges posed by technological advances like generative AI. The intelligence community, including Brandt's team, is actively briefing various stakeholders to prepare for potential interference in the upcoming election, with a focus on monitoring and quickly attributing influence and interference operations.

 

Coming up, Ann Johnson shares a segment of her conversation from Afternoon Cyber Tea with guest Keren Elazari about the hacker mindset. 

 

Google builds itself the Bermuda Triangle of Broadband. 

And finally, 

Google's newly designed "Bay View" campus, a project aimed at rethinking office space, has encountered significant Wi-Fi issues since its opening in May 2022. Described by some as the "Bermuda Triangle" of broadband due to its complex, tent-like metal and glass structure with a unique "Gradient Canopy" roof, the design inadvertently hampers Wi-Fi signal propagation. Employees have resorted to using Ethernet cables, phone hotspots, or working outside to circumvent the spotty or non-existent Wi-Fi coverage within the building. Google has acknowledged the problem and is actively seeking solutions, aiming to improve the situation in the coming weeks, especially as the company encourages a "return to office" policy.

It’s an interesting dilemma. Our signals intelligence desk reminds us that RF stands for random failure, and we can’t help wondering if architectural firms might find it in their best interest to have an RF engineer give their plans a once-over before submitting them to the client. 

And that’s the CyberWire.

For links to all of today’s stories, check out our Daily Briefing at the cyberwire dot com.

 

We’d love to know what you think of this podcast. You can email us at cyberwire@n2k.com—your feedback helps us ensure we’re delivering the information and insights that help keep you a step ahead in the rapidly changing world of cybersecurity.

We’re privileged that N2K and podcasts like the CyberWire are part of the daily intelligence routine of many of the most influential leaders and operators in the public and private sector, as well as the critical security teams supporting the Fortune 500 and many of the world’s preeminent intelligence and law enforcement agencies.

N2K strategic workforce intelligence optimizes the value of your biggest investment—people. We make you smarter about your team, while making your team smarter. Learn more at n2k.com.

 

This episode was produced by Liz Stokes. Our mixer is Tré Hester, with original music by Elliott Peltzman. Our executive producers are Jennifer Eiben and Brandon Karpf. Our executive editor is Peter Kilpe, and I’m Dave Bittner. Thanks for listening.